NXP Releases IC for Secure Encrypted UHF Reads

The company's Ucode DNA chip, which can be read via most standard UHF readers, transmits a dynamic, encrypted password that prevents a tag from being read without authorization and precludes it from being cloned.

Global semiconductor company NXP has released its Ucode DNA integrated circuit—a passive EPC Gen 2 UHF RFID chip that the company says is the first to provide cryptographic authentication. By using a dynamic password that changes with each read event, and requiring verification of each password from a server, the Ucode DNA is aimed at preventing eavesdropping and tag cloning.

Each tag made with the Ucode DNA chip is secured with a unique, tag-specific crypto key, and can operate in a mode in which the tag response changes every time it receives a new read request from an RFID reader. These security features allow end users to adopt passive EPC Gen 2 UHF tags for applications where previously such tags might not have been secure enough, explains Ralf Kodritsch, NXP's RFID segment manager. The Ucode DNA IC, which comes with 3 kilobits of memory, is intended for purposes such as electronic road tolling, vehicle registration, access control, asset tracking and brand protection, as well as parking and vehicular license-plate authentication.

The new IC is designed in accordance with the GS1 UHF RFID Gen2v2 standard, and the cryptographic authentication it uses is designed in accordance with ISO/IEC 29167-10 for proof of origin based on AES (Advanced Encryption Standard). Each time a tag made with the Ucode DNA chip is read, it generates a new AES calculation based on its unique crypto key. The reader receives the result and then needs to verify it in either online mode (by accessing a cloud-based service) or offline mode (by using its own firmware to verify the crypto key).

The new IC supports the encoding of two 128-bit keys onto the chip. If the tag cannot demonstrate to the reader that it has been encoded with its assigned crypto keys, the system will be alerted that the tag is a clone.
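The verification step described above can be modeled in a few lines. This is an added example, not NXP's code and not the ISO/IEC 29167-10 message format: the block layout (6 random tag bytes followed by a 10-byte reader challenge), the `Tag` type, the function names and the sample keys are all assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// Tag models a chip that holds a secret 128-bit AES key (hypothetical type).
type Tag struct{ key []byte }

// Respond encrypts one AES block: 6 random tag bytes || 10-byte reader challenge
// (assumed layout). The random bytes make every response differ.
func (t Tag) Respond(challenge []byte) []byte {
	block, err := aes.NewCipher(t.key)
	buf := make([]byte, 16)
	if _, rerr := rand.Read(buf[:6]); err != nil || rerr != nil || len(challenge) != 10 {
		return nil
	}
	copy(buf[6:], challenge)
	block.Encrypt(buf, buf) // in-place encryption of the single block
	return buf
}

// Verify is the server or reader-firmware side: decrypt with the key registered
// for this tag and check that the challenge issued for this read comes back.
func Verify(key, challenge, response []byte) bool {
	block, err := aes.NewCipher(key)
	if err != nil || len(response) != 16 {
		return false
	}
	pt := make([]byte, 16)
	block.Decrypt(pt, response)
	return subtle.ConstantTimeCompare(pt[6:], challenge) == 1
}

func main() {
	key := []byte("constructed-key!") // constructed 16-byte sample key
	genuine, clone := Tag{key}, Tag{[]byte("some-other-key!!")}
	c1, c2 := make([]byte, 10), make([]byte, 10) // one fresh challenge per read
	rand.Read(c1)
	rand.Read(c2)
	r1 := genuine.Respond(c1)
	fmt.Println(Verify(key, c1, r1))                // true: genuine tag
	fmt.Println(Verify(key, c2, r1))                // false: recorded response replayed
	fmt.Println(Verify(key, c2, clone.Respond(c2))) // false: clone lacks the key
}
```

Because the verifier only accepts a response that decrypts to the challenge it issued for that read, a recorded response and a tag encoded with a different key are both rejected.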

When the IC is used in privacy mode, the tag ID can be obtained only through AES decryption. In this case, the tag will always respond with a randomized response (different in every RF transaction), which the reader must decrypt in order to receive the tag ID and to get access to the rest of the tag's user memory.

Because the tag responses are encrypted and always changing, eavesdropping of tag reads is impossible. Thus the tag prevents someone from creating cloned tags for attaching to counterfeit consumer products.

NXP announced the Ucode DNA at RFID Journal LIVE! earlier this month, and subsequently received interest from parties looking to track vehicles and high-value items and to manage documents such as passports.

Historically, Kodritsch says, passive 13.56 MHz tags have typically been used for scenarios where security is essential, such as passports, banking cards or transportation tickets. That's because HF RFID tags are very secure due to their short read distance, he explains. For that reason, the HF tags are read only when placed directly in front of the reader, and eavesdropping with another reader would be practically impossible.